On Feb 9, 2005, at 12:53 AM, Priit Randla wrote:
Henry B. Hotz wrote:
It's not clear to me why the MIT and Heimdal realms need to be different.
The reason is quite embarassing, actually - total re-branding. Total renamification :-) from AAA to BBB.
Lotsa host/* principals to recreate and change. And 24/7/365 as usual. So I have to simply
accept that those two realms have to exist and work together for some unspecified time.
You can import an MIT database into Heimdal with hprop. Google for the details, but you export a MIT dump file with some specific options and then use hprop to read it into Heimdal.
Dit it. Unfortunately, all password policies will get lost in the process. Which reminds me that I didn't see a way to create and use policies under Heimdal...
Major PIA if these aren't implemented.
Priit
There is no generic policy framework. There's just a plug-in interface to let you do your own code, which is what I did. There's an example plug-in that includes cracklib in the (current) distribution. While the policies are nice to have for simple set-ups I find them messy and they can't match the requirements I have from on high.
Likewise password history won't import because Heimdal doesn't do that. (The example has an inefficient implementation that I didn't use.)
Before you take on the work of changing realms you might make sure that rest of the things that won't import are things that actually exist on the Heimdal side. Also since both MIT and Heimdal will compile/run on pretty much any Unix you might consider if it's better/easier to just stick with what you've got.
------------------------------------------------------------------------ ----
The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
[EMAIL PROTECTED], or [EMAIL PROTECTED]
________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
